Queen Mary School of Law Legal Studies Research Paper #45/2010, 2010
This article attempts to determine who owns information created using cloud computing.
New information ownership laws are needed to provide a process of determining the rights of both providers and users as they relate to information created by cloud computing.
Information, unlike physical objects, cannot be owned, but rather can only be controlled based on intellectual property laws, confidence, privacy, and contracts. With the use of modern technology, including cloud computing, the issues surrounding information ownership have reached the outer bounds of current law.
Cloud computing is a process by which a company offers applications and use of hardware owned by the company via access over the internet. The company’s hardware offered for use is considered the “cloud” and the services have come to be called Software as a Service (SaaS).
As users use SaaS’s and the cloud to store, analyze, and create new information, a question arises: who owns the newly created information.
The laws of copyright, confidentiality, and contract combine to determine the “ownership” of information created in the cloud. To a large extent, the answer to who owns the information turns on which end created it, the provider or the user.
The complexity of using a cloud computing system to generate information results, most often, in a process in which both the provider and the user have contributed to generating the resulting information. As such, both parties have a legal interest in the information. In many instances, this is contrary to the intent and desire of the user.
Contracts, when appropriately drafted, appear to be the most effective mechanism for establishing an appropriate scheme of ownership rights. However, contracts need to be in place before data creation, and at present the law lacks the ability to tease apart the complex mix of rights created by cloud created information without a preexisting contract.